This privacy policy sets out how Age Connects Torfaen (ACT) uses and protects any information the organisation holds in order to communicate with you.

ACT is committed to being transparent about how it collects and uses that data and to ensuring that your privacy is protected.

Why do you receive communication from ACT?

We send information about our activities, events and services to existing stakeholders or partners whose contact information we have obtained over the course of our relationship with them.  We will also respond to an initial request contact.

What information does ACT collect?

ACT may collect and process a range of information about you. This includes:

  • Name, address and contact details including email address and telephone number
  • Name of your organisation or employer, their address and contact details
  • Your job title or area of work

ACT may collect this information in a variety of ways. For example, data might be collected through applications or forms; quotes; invoices; purchase orders; contracts; service level agreements; from correspondence with you; or through interviews, meetings, or other assessments.

How do we use your personal data?

We use your personal data in order to send you information about ACT services, activities and events that we believe would be useful to you.  Your personal data will also be used to assist in respnding to your request.   We also share news stories and key information from AgeConnectsWales, third sector or other linked partners which we believe may interest you. We may also use personal data to measure the effectiveness of our marketing.

Why does ACT process personal data?

The law on data protection sets out a number of different reasons for which an organisation may collect and process your personal data, including:

Consent:

In specific situations, ACT can collect and process your data with your consent.

Legitimate interest:

In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our organisation and which does not materially impact your rights, freedom or interests.

Who has access to data?

Your information may be shared internally with members of staff, volunteers and members of the Board of Trustees, if this is necessary in the performance of their role.

ACT shares your data with third parties in order to create and send communications with you effectively. ACT may also share your data with third parties that provide IT support on behalf of the organisation if this is necessary. We may also share your data with third parties who are assisting us to market and communicate to our stakeholders effectively.

If we transfer your personal information to another country, we’ll take appropriate measures to protect your privacy and the personal information we transfer.

How does ACT protect data?

Data will be stored in a range of different places, including on the organisations secure shared server, in ACT’s communication system (Eventbright) and in other IT systems (including ACT’s email system and Charity Log).

ACT takes the security of your data seriously. ACT has internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties.

Where ACT engages third parties to process personal data on its behalf, they do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.

For how long does ACT keep data?

We keep your personal data for communication purposes for as long as you want to receive newsletters from us.   We review communication personal data every three years, you will be contacted by email requesting a response.  If you decide to opt-out of or withdraw your consent to our newsletter or information emails, we will no longer use your personal data for this purpose.

How can you affect the marketing you are receiving?

You can easily withdraw consent to our marketing messages by clicking the ‘unsubscribe’ link at the bottom of each marketing email. You can also alter your preferences by clicking the ‘update your preferences’ link at the bottom of each marketing email.

You may also choose to stop receiving communications from ACT at any time by sending notice of your decision to the following contact details:

by email atwiddershins@ageconnectstorfaen.org

by calling 01495 769264

Your rights

As a data subject, you have a number of rights. You can:

  • access and obtain a copy of your data on request;
  • require ACT to change incorrect or incomplete data;
  • require ACT to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing, and
  • object to the processing of your data where ACT is relying on its legitimate interests as the legal ground for processing.

If you would like to exercise any of these rights, please contact:

Data Protection Officer: Tracey Jones

Age Connects Torfaen
The Widdershins Centre, East Avenue
Griffithstown, Pontypool
Gwent, NP4 5AB

Telephone: 01495 769264

Email: tracey.jones@ageconnectstorfaen.org

Checking your identity

To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.

Contacting the Regulator

If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.

You can contact them by calling 0303 123 1113.

Or go online to www.ico.org.uk/concerns (opens in a new window; please note we can’t be responsible for the content of external websites)

Amendments

This privacy policy may be amended from time to time consistent with the requirements of the General Data Protection Regulation. We will communicate any changes to you.